WHAT IS CLAIMED IS 

1. A method for managing resources provided for clients by services in a distributed 
computing environment, comprising: 

a client obtaining a credential for allowing said client to lease access to a resource 
provided by a service; 

said client sending a service request message in a data representation language 
referencing said resource, wherein said service request message includes 
said credential and specifies a first requested lease period; 

said service receiving said service request message; 

examining said credential included in said service request message to determine if 
said credential is authentic; 

said service granting to said client access to said referenced resource for a first 
granted lease period if said examining determines said credential is 
authentic; and 

said service not granting to said client access to said referenced resource if said 
examining determines said credential is not authentic. 

2. The method as recited in claim 1, further comprising said service sending a 
service request response message in said data representation language advising said client 
of said first granted lease period, wherein said service request response message includes 
said credential. 
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3. The method as recited in claim 2, 

wherein said service comprises a service process and a service message endpoint 
operatively coupled to said service process and operable to receive request 
messages from and send response messages to said client in said data 
representation language; 

wherein said receiving said service request message and said sending a service 
request response message are performed by said service message endpoint 
on behalf of said service process; and 

wherein said examining said credential included in said service request message is 
performed by said service message endpoint. 

4. The method as recited in claim 3, wherein said credential is included in said 
service request response message by said service message endpoint. 

5. The method as recited in claim 2, further comprising: 

said client receiving said service request response message; and 

said client examining said credential included in said service request response 
message to determine if said credential is the same as said credential 
included in said service request message sent to said service by said client. 

6. The method as recited in claim 5, 

wherein said client comprises a client process and a client message endpoint 
operatively coupled to said client process and operable to send request 
messages to and receive response messages from said service in said data 
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representation language; 



wherein said sending a service request message and said receiving said service 
request response message are performed by said client message endpoint 
on behalf of said client process; and 

wherein said credential is included in said service request message by said client 
message endpoint. 

7 The method as recited in claim 6, wherein said examining said credential included 
in said service request response message is performed by said client message endpoint. 

8. The method as recited in claim 1, further comprising: 

said client sending, prior to said first granted lease period expiring, a lease 
renewal message in said data representation language referencing said 
resource provided by said service, wherein said lease renewal message 
includes said credential and specifies a second requested lease period; 

said service receiving, prior to said first granted lease period expiring, said lease 
renewal message. 

9. The method as recited in claim 8, further comprising: 

said service examining said credential included in said lease renewal message to 
determine if said credential is authentic; 

said service granting to said client access to said referenced resource for a second 
granted lease period if said examining determines said credential is 
authentic; and 
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said service not granting to said client access to said referenced resource if said 
examining determines said credential is not authentic. 

10. The method as recited in claim 9, wherein said examining said credential included 
in said lease renewal message by said service comprises comparing said credential 
included in said lease renewal message with said credential included in said service 
request message, wherein said credential included in said lease renewal message is 
determined to be authentic if identical to said credential included in said service request 
message. 

11. The method as recited in claim 9, further comprising said service sending a lease 
renewal response message in said data representation language advising said client of said 
second granted lease period, wherein said lease renewal response message includes said 
credential. 

12. The method as recited in claim 11, further comprising: 

said client receiving said lease renewal response message; and 

said client examining said credential included in said lease renewal response 
message to determine if said credential is the same as said credential 
included in said lease renewal message sent to said service. 

13. The method as recited in claim 1, further comprising: 

said client sending a lease cancel message in said data representation language 
referencing said resource, wherein said lease cancel message includes said 
credential; 
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said service receiving said lease cancel message; 

said service examining said credential included in said lease cancel message to 
determine if said credential is authentic; 

said service terminating said first granted lease period for accessing said resource 
if said examining determines said credential is authentic; and 

said service not terminating said first granted lease period for accessing said 
resource if said examining determines said credential is not authentic. 

14. The method as recited in claim 13, further comprising: 

said service sending a lease cancel acknowledgment message in said data 
representation language advising said first granted lease period for 
accessing said resource is terminated; and 

said client receiving said lease cancel acknowledgment message. 

15. The method as recited in claim 1, further comprising said service providing a 
service advertisement comprising: 

a data representation language message schema comprising descriptions of data 
representation language messages for managing leases of resources 
provided by said service; and 

an address for said service receiving said data representation language messages 
for managing leases of resources provided by said service. 

16. The method as recited in claim 15, further comprising said client generating said 
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service request message in accordance with a description of said service request message 
comprised in said descriptions of data representation language messages. 

17. The method as recited in claim 15, wherein said service request message is sent by 
said client to said address, and wherein said service request message is received by said 
service at said address. 

18. The method as recited in claim 15, wherein said address is a Uniform Resource 
Identifier (URI). 

19. The method as recited in claim 1, wherein said obtaining said credential 
comprises: 

said client sending to an authentication service information identifying said client; 
and 

said client receiving from said authentication service said credential. 

20. The method as recited in claim 19, wherein said examining said credential 
included in said service request message comprises: 

said service sending to said authentication service said credential included in said 
service request message; and 

said service receiving from said authentication service indication if said credential 
is authentic. 

21. The method as recited in claim 1, further comprising terminating said granted 
access when said first granted lease period expires. 
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22. The method as recited in claim 1, wherein said service is a space service 
comprising a plurality of service advertisements for enabling access by clients to 
resources provided by a plurality of services, and wherein said resource is a service 
advertisement for a first service of the plurality of services. 

23. The method as recited in claim 1, wherein said data representation language is 
extensible Markup Language (XML). 

24. The method as recited in claim 1, wherein said first granted lease period is less 
than or equal to said first requested lease period. 

25. A method for managing resources provided by services in a distributed computing 
environment, comprising: 

receiving from a client a service request message in a data representation language 
referencing a resource provided by a service, wherein said service request 
message specifies a first requested lease period and includes a credential 
for allowing said client lease access to resources provided by said service; 

examining said credential included in said service request message to determine if 
said credential is authentic; 

granting to said client access to said referenced resource for a first granted lease 
period if said examining determines said credential is authentic; and 

not granting to said client access to said referenced resource if said examining 
determines said credential is not authentic. 

26. The method as recited in claim 25, further comprising: 
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said client sending to an authentication service information identifying said client; 
and 

said client receiving said credential from said authorization service. 

27. The method as recited in claim 25, wherein said examining said credential 
comprises: 

said service sending to an authentication service said credential included in said 
service request message; and 

said service receiving from said authentication service indication if said credential 
is authentic. 

28. The method as recited in claim 25, further comprising sending a service request 
response message in said data representation language advising said client of said first 
granted lease period, wherein said service request response message includes said 
credential. 

29. The method as recited in claim 25, wherein said receiving and said examining are 
performed by said service. 

30. The method as recited in claim 25, 

wherein said receiving a service request message and said examining said 
credential are performed by a space service, wherein said space service 
comprises a plurality of service advertisements for enabling access by 
clients to resources provided by a plurality of services including said 
service; and 
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wherein said space service obtains said first granted lease period from said service 
on behalf of said client. 

31. The method as recited in claim 25, 

wherein said service comprises a service process and a service message endpoint 
operatively coupled to said service process and operable to receive request 
messages from and send response messages to said client in said data 
representation language; and 

wherein said receiving a service request message and said sending a service 
request response message are performed by said service message endpoint 
on behalf of said service process; and 

wherein said examining said credential included in said service request message is 
performed by said service message endpoint. 

32. The method as recited in claim 25, further comprising: 

receiving from said client, prior to said first granted lease period expiring, a lease 
renewal message in said data representation language referencing said 
resource provided by said service, wherein said lease renewal message 
specifies a second requested lease period and includes said credential; 

granting to said client access to said referenced resource for a second granted lease 
period if said examining determines said credential is authentic; and 

not granting to said client access to said referenced resource if said examining 
determines said credential is not authentic. 
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33. The method of claim 32, further comprising sending a lease renewal response 
message in said data representation language advising said client of said second granted 
lease period, wherein said lease renewal response message includes said credential. 

34. The method as recited in claim 25, further comprising: 

receiving from said client a lease cancel message in said data representation 
language referencing said resource, wherein said lease cancel message 
includes said credential; 

examining said credential included in said lease cancel message to determine if 
said credential is authentic; 

terminating said first granted lease period for accessing said resource if said 
examining determines said credential is authentic; and 

not terminating said first granted lease period for accessing said resource if said 
examining determines said credential is not authentic. 

35. The method as recited in claim 25, further comprising providing to said client a 
Uniform Resource Identifier (URI) for sending data representation language messages for 
managing leases of resources provided by said service, wherein said service request 
message is received by said service at said address provided to said client. 

36. The method as recited in claim 25, wherein said data representation language is 
extensible Markup Language (XML). 

37. A distributed computing system, comprising: 
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a service device; and 

a client device configured to; 

obtain a credential for allowing said client device to lease access to a 
resource provided by said service device; 

send a service request message in a data representation language 
referencing said resource, wherein said service request message 
includes said credential and specifies a first requested lease period; 

wherein said service device is configured to: 

receive said service request message; 

examine said credential included in said service request message to 
determine if said credential is authentic; 

grant to said client device access to said referenced resource for a first 
granted lease period if said examining determines said credential is 
authentic; and 

not grant to said client device access to said referenced resource if said 
examining determines said credential is not authentic. 

38. The system as recited in claim 37, wherein said service device is further 
configured to send a service request response message in said data representation 
language advising said client device of said first granted lease period, wherein said 
service request response message includes said credential. 
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39. The system as recited in claim 38, wherein said client device is further configured 
to: 

receive said service request response message; and 

examine said credential included in said service request response message to 
determine if said credential is the same as said credential included in said 
service request message sent to said service device by said client device. 

40. The system as recited in claim 37, 

wherein said client device is further configured to send, prior to said first granted 
lease period expiring, a lease renewal message in said data representation 
language referencing said resource provided by said service device, 
wherein said lease renewal message includes said credential and specifies 
a second requested lease period; and 

wherein said service device is further configured to receive, prior to said first 
granted lease period expiring, said lease renewal message. 

41. The system as recited in claim 40, wherein said service device is further 
configured to: 

examine said credential included in said lease renewal message to determine if 
said credential is authentic; 

grant to said client device access to said referenced resource for a second granted 
lease period if said examining determines said credential is authentic; and 
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not grant to said client device access to said referenced resource if said examining 
determines said credential is not authentic. 

42. The system as recited in claim 37, 

wherein said client device is further configured to send a lease cancel message in 
said data representation language referencing said resource, wherein said 
lease cancel message includes said credential; and 

wherein said service device is further configured to: 

receive said lease cancel message; 

examine said credential included in said lease cancel message to determine 
if said credential is authentic; 

terminate said first granted lease period for accessing said resource if said 
examining determines said credential is authentic; and 

not terminate said first granted lease period for accessing said resource if 
said examining determines said credential is not authentic. 

43. The system as recited in claim 37, wherein said service device is a space service 
device comprising a plurality of service advertisements for enabling access by clients to 
resources provided by a plurality of service devices, and wherein said resource is a 
service advertisement for a first service device of the plurality of service devices. 

44. The system as recited in claim 37, wherein said data representation language is 
extensible Markup Language (XML). 
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45. A distributed computing system, comprising: 
a client device; and 

a service device comprising a service process executable within said service 
device, wherein the service device is configured to: 

receive from said client device a service request message in a data 
representation language referencing a resource provided by said 
service process, wherein said service request message specifies a 
first requested lease period and includes a credential for allowing 
said client device lease access to resources provided by said service 
process; 

examine said credential included in said service request message to 
determine if said credential is authentic; 

grant to said client device access to said referenced resource for a first 
granted lease period if said examining determines said credential is 
authentic; and 

not grant to said client device access to said referenced resource if said 
examining determines said credential is not authentic. 

46. The system as recited in claim 45, further comprising: 
an authorization service device; 

wherein said client device is configured to: 
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send to said authentication service device information identifying said 
client device; and 

receive said credential from said authorization service device; and 

wherein, in said examining said credential, said service device is further 
configured to: 

send to said authentication service device said credential included in said 
service request message; and 

receive from said authentication service device indication if said credential 
is authentic. 

47. The system as recited in claim 45, wherein said service device is further 
configured to send a service request response message in said data representation 
language advising said client of said first granted lease period, wherein said service 
request response message includes said credential. 

48. The system as recited in claim 45, 

wherein said service device is a space service device further comprising: 



a space service process executable within said space service device; and 



a plurality of service advertisements for enabling access by client devices 
to resources provided by a plurality of service processes including 
said service process; 
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wherein said receiving a service request message and said examining said 
credential are performed by said space service device; and 

wherein said space service device obtains said first granted lease period from said 
service device on behalf of said client device 

49. The system as recited in claim 45, 

wherein said service device further comprises a service message endpoint 
operatively coupled to said service process and operable to receive request 
messages from and send response messages to said client device in said 
data representation language; and 

wherein said receiving a service request message and said sending a service 
request response message are performed by said service message endpoint 
on behalf of said service process; and 

wherein said examining said credential included in said service request message is 
performed by said service message endpoint. 

50. The system as recited in claim 45, wherein said service device is further 
configured to: 

receive from said client device, prior to said first granted lease period expiring, a 
lease renewal message in said data representation language referencing 
said resource provided by said service device, wherein said lease renewal 
message specifies a second requested lease period and includes said 
credential; 

grant to said client device access to said referenced resource for a second granted 
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lease period if said examining determines said credential is authentic; and 

not grant to said client device access to said referenced resource if said examining 
determines said credential is not authentic. 

51. The system as recited in claim 45, wherein said service device is further 
configured to: 

receive from said client device a lease cancel message in said data representation 
language referencing said resource, wherein said lease cancel message 
includes said credential; 

examine said credential included in said lease cancel message to determine if said 
credential is authentic; 

terminate said first granted lease period for accessing said resource if said 
examining determines said credential is authentic; and 

not terminate said first granted lease period for accessing said resource if said 
examining determines said credential is not authentic. 

52. The system as recited in claim 45, wherein said service device is further 
configured to provide to said client a Uniform Resource Identifier (URI) for sending data 
representation language messages for managing leases of resources provided by said 
service device, wherein said service request message is received by said service device at 
said address provided to said client device. 

53. The system as recited in claim 45, wherein said data representation language is 
extensible Markup Language (XML). 
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54. A carrier medium comprising program instructions, wherein the program 
instructions are computer-executable to implement: 

a client obtaining a credential for allowing said client to lease access to a resource 
provided by a service; 

said client sending a service request message in a data representation language 
referencing said resource, wherein said service request message includes 
said credential and specifies a first requested lease period; 

said service receiving said service request message; 

examining said credential included in said service request message to determine if 
said credential is authentic; 

said service granting to said client access to said referenced resource for a first 
granted lease period if said examining determines said credential is 
authentic; and 

said service not granting to said client access to said referenced resource if said 
examining determines said credential is not authentic. 

55. The carrier medium as recited in claim 54, wherein the program instructions are 
further computer-executable to implement: 

said client sending, prior to said first granted lease period expiring, a lease 
renewal message in said data representation language referencing said 
resource provided by said service, wherein said lease renewal message 
includes said credential and specifies a second requested lease period; 



Atty. Dkt. No.: 5181-70000 



189 



Conley Rose & Tayon, RC. 




said service receiving, prior to said first granted lease period expiring, said lease 
renewal message. 

5 56. The carrier medium as recited in claim 55, wherein the program instructions are 
further computer-executable to implement: 

said service examining said credential included in said lease renewal message to 
determine if said credential is authentic; 

10 

said service granting to said client access to said referenced resource for a second 
granted lease period if said examining determines said credential is 
authentic; and 

15 said service not granting to said client access to said referenced resource if said 

examining determines said credential is not authentic. 

57. The carrier medium as recited in claim 56, wherein the program instructions are 
further computer-executable to implement: 

20 

said service sending a lease renewal response message in said data representation 
language advising said client of said second granted lease period, wherein 
said lease renewal response message includes said credential; 

25 said client receiving said lease renewal response message; and 

said client examining said credential included in said lease renewal response 
message to determine if said credential is the same as said credential 
included in said lease renewal message sent to said service. 
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58. The carrier medium as recited in claim 54, wherein the program instructions are 
further computer-executable to implement: 

said client sending a lease cancel message in said data representation language 
referencing said resource, wherein said lease cancel message includes said 
credential; 

said service receiving said lease cancel message; 

said service examining said credential included in said lease cancel message to 
determine if said credential is authentic; 

said service terminating said first granted lease period for accessing said resource 
if said examining determines said credential is authentic; and 

said service not terminating said first granted lease period for accessing said 
resource if said examining determines said credential is not authentic. 

59. The carrier medium as recited in claim 54, wherein said service is a space service 
comprising a plurality of service advertisements for enabling access by clients to 
resources provided by a plurality of services, and wherein said resource is a service 
advertisement for a first service of the plurality of services. 

60. The carrier medium as recited in claim 54, wherein said data representation 
language is extensible Markup Language (XML). 

61. A carrier medium comprising program instructions, wherein the program 
instructions are computer-executable to implement: 
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receiving from a client a service request message in a data representation language 
referencing a resource provided by a service, wherein said service request 
message specifies a first requested lease period and includes a credential 
for allowing said client lease access to resources provided by said service; 

examining said credential included in said service request message to determine if 
said credential is authentic; 

granting to said client access to said referenced resource for a first granted lease 
period if said examining determines said credential is authentic; and 

not granting to said client access to said referenced resource if said examining 
determines said credential is not authentic. 

62. The carrier medium as recited in claim 61, wherein the program instructions are 
further computer-executable to implement sending a service request response message in 
said data representation language advising said client of said first granted lease period, 
wherein said service request response message includes said credential. 

63. The carrier medium as recited in claim 61, 

wherein said receiving a service request message and said examining said 
credential are performed by a space service, wherein said space service 
comprises a plurality of service advertisements for enabling access by 
clients to resources provided by a plurality of services including said 
service; and 

wherein said space service obtains said first granted lease period from said service 
on behalf of said client. 
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64. The carrier medium as recited in claim 61, 

wherein said service comprises a service process and a service message endpoint 
operatively coupled to said service process and operable to receive request 
messages from and send response messages to said client in said data 
representation language; and 

wherein said receiving a service request message and said sending a service 
request response message are performed by said service message endpoint 
on behalf of said service process; and 

wherein said examining said credential included in said service request message is 
performed by said service message endpoint. 

65. The carrier medium as recited in claim 61, wherein the program instructions are 
further computer-executable to implement: 

receiving from said client, prior to said first granted lease period expiring, a lease 
renewal message in said data representation language referencing said 
resource provided by said service, wherein said lease renewal message 
specifies a second requested lease period and includes said credential; 

granting to said client access to said referenced resource for a second granted lease 
period if said examining determines said credential is authentic; and 

not granting to said client access to said referenced resource if said examining 
determines said credential is not authentic. 

66. The carrier medium as recited in claim 61, wherein the program instructions are 
further computer-executable to implement: 
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• • 

receiving from said client a lease cancel message in said data representation 
language referencing said resource, wherein said lease cancel message 
includes said credential; 

examining said credential included in said lease cancel message to determine if 
said credential is authentic; 

terminating said first granted lease period for accessing said resource if said 
examining determines said credential is authentic; and 

not terminating said first granted lease period for accessing said resource if said 
examining determines said credential is not authentic. 

67. The carrier medium as recited in claim 61, wherein the program instructions are 
further computer-executable to implement providing to said client a Uniform Resource 
Identifier (URI) for sending data representation language messages for managing leases of 
resources provided by said service, wherein said service request message is received by 
said service at said address provided to said client. 

68. The carrier medium as recited in claim 61, wherein said data representation 
language is extensible Markup Language (XML). 
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